AI unleashes more advanced scams. Here's what to look out for (and how to stay protected)

Getty Images/Just_Super

Artificial intelligence (AI) makes creating caller materials, specified arsenic text oregon images, arsenic casual arsenic typing a elemental substance prompt. Even though that capableness means large productivity gains for individuals, atrocious actors tin exploit AI to create elaborate cyber scams.

Also: The champion VPN services (and however to take the close 1 for you)

Evidence suggests cyberattacks are connected the rise. Between March 2024 and March 2025, Microsoft stopped astir $4 bn of fraud attempts. Many of those attacks were AI-enhanced. 

"We've seen it wherever a clump of radical are utilizing AI truly good to amended their lives, which is what we want, but successful the hands of atrocious actors, they're utilizing AI to supercharge their scams," said Kelly Bissell, CVP, Fraud and Abuse astatine Microsoft, to ZDNET. 

Also: Navigating AI-powered cyber threats successful 2025: 4 adept information tips for businesses

On Wednesday, Microsoft published its Cyber Signals study titled 'AI-Driven Deception: Emerging Fraud Threats and Countermeasures' to assistance radical place communal attacks and larn what preventative measures they tin take. You tin find a roundup of the attacks identified successful the study and tips to enactment harmless online below. 

E-commerce fraud 

If you person encountered immoderate AI-generated content, whether it's an representation oregon text, you person apt seen how realistic AI contented tin be. Bad actors tin usage this capableness to make fraudulent websites that are visually indistinguishable from existent ones with AI-generated merchandise descriptions, images, and adjacent reviews. Since this enactment requires nary anterior method cognition and conscionable a tiny magnitude of time, consumers' chances of coming crossed these scams are higher than successful the past. 

There are ways to enactment protected, including utilizing a browser with mitigations built-in. For example, Microsoft Edge has website typo extortion and domain impersonation protection, which usage heavy learning to pass users astir fake websites. Edge besides has a Scareware Blocker, which blocks scam pages and popup screens.

Microsoft besides identifies proactive measures users tin take, specified arsenic avoiding impulse buying, arsenic a mendacious consciousness of urgency is often simulated connected fraudulent sites with countdown timers and different akin tactics, and avoiding outgo mechanisms that deficiency fraud protections, specified arsenic nonstop slope transfers oregon cryptocurrency. Another extremity is to beryllium cautious astir clicking connected ads without verification. 

"AI for atrocious tin really people 'Sabrina' and what you bash due to the fact that of each your nationalist accusation that you enactment on, customize an advertisement for you, and they tin acceptable up a website and wage for an advertisement wrong the hunt motor beauteous easy for Sabrina oregon tons of Sabrinas," Bissell said arsenic an example. 

Employment fraud 

Bad actors tin make fake occupation listings successful seconds utilizing AI. To marque these ads adjacent much convincing, the actors volition database them connected assorted reliable occupation platforms utilizing stolen credentials, auto-generated descriptions, and adjacent AI-driven interviews and emails, according to the report. 

Microsoft suggests that occupation listing platforms should instrumentality multi-factor authentication for employers truthful atrocious actors can't co-opt their listings and fraud-detection technologies to emblem fraudulent content. 

Also: How AI agents assistance hackers bargain your confidential information - and what to bash astir it

Until those measures are wide adopted, users tin look retired for informing signs, specified arsenic an employment connection that includes a petition for idiosyncratic information, specified arsenic slope relationship oregon outgo information nether the guise of inheritance cheque fees oregon individuality verification. 

Other informing signs see unsolicited occupation offers oregon interrogation requests via substance oregon email. Users tin instrumentality a proactive measurement by verifying the leader and recruiter's legitimacy to crosscheck their details connected LinkedIn, Glassdoor, and different authoritative websites. 

"Make definite that if it sounds excessively bully to beryllium true, similar minimal experience, wherever a large wage is astir apt excessively bully to beryllium true," said Bissell. 

Tech enactment scams

These scams instrumentality users into reasoning they request method enactment services for problems that bash not beryllium done precocious societal engineering ploys via text, email, and different channels. The atrocious actors past summation distant entree to the person's computer, allowing them to presumption accusation and instal malware. 

Even though this onslaught does not needfully impact utilizing AI, it is inactive highly effectual astatine targeting victims. For example, Microsoft said Microsoft Threat Intelligence observed the ransomware-focused cybercriminal radical Storm-1811 posing arsenic IT enactment from morganatic organizations done dependable phishing (vishing) attacks, convincing users to manus implicit entree to their computers via Quick Assist. Similarly, Storm-1811 utilized Microsoft Teams to motorboat vishing attacks connected targeted users.

Also: The champion VPN services for iPhone and iPad (yes, you request to usage one)

Microsoft said it has mitigated specified attacks by "suspending identified accounts and tenants associated with inauthentic behavior." However, the institution warns that unsolicited tech enactment offers are apt scams. 

The study said proactive measures users tin instrumentality are opting for Remote Help alternatively of Quick Assist, blocking afloat power requests connected Quick Assist, and taking vantage of integer fingerprinting capabilities. 

Advice for companies

AI is evolving rapidly and its precocious capabilities tin assistance your enactment enactment protected. Bissell said each institution should see implementing AI arsenic soon arsenic imaginable to enactment up of the curve.

"An important portion of proposal for companies is, successful this feline and rodent game, they've got to follow AI for antiaircraft purposes present because, if they don't, past they're going to beryllium astatine a disadvantage from the attackers," said Bissell.